Scanned pages/files
Request | Server response | Status |
http://www.gegeshe21.com/ | HTTP/1.1 200 OK Date: Wed, 03 Jun 2015 11:10:50 GMT Accept-Ranges: bytes ETag: "5881a10e79dd01:1427b" Server: Microsoft-IIS/6.0 Content-Length: 6535 Content-Location: http://www.gegeshe21.com/index.html Content-Type: text/html Last-Modified: Wed, 03 Jun 2015 10:21:06 GMT | clean |
http://www.gegeshe21.com/index.html | 200 OK Content-Length: 6535 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Red Devils Crew K.O.K ...[980 bytes skipped]... ;<script language="Javascript" src="http://www.ip2phrase.com/ip2phrase.asp?template=Country : <COUNTRY> City : <CITY> <FLAG> Ip Adress : <IP>"></script></center> <BGSOUND balance=0 src="http://zxz.yzzjzy.com.cn/news/SeTuVuoi.mp3" volume=-1> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <title>Hacked by Red Devils Crew K.O.K </title> </head> <body onload="teclear();" bgcolor="#000000"> <style> <!-- .layermensaje { font-family: "arial"; font-size: 9pt; color: #ffffff; line-height: 13pt} //--> </style> <script language="javascript"> <!-- // mensaje elite mensaje= '<center><h1><p><font color="#FF0000">K.O.K</font> E ...[6508 bytes skipped]... | ||
http://www.gegeshe21.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gegeshe21.com
Result:
GET / HTTP/1.1
Host: gegeshe21.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: gegeshe21.com
Referer: http://www.google.com/search?q=gegeshe21.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: gegeshe21.com
Referer: http://www.google.com/search?q=gegeshe21.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gegeshe21.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gegeshe21.com/
Result: gegeshe21.com is not infected or malware details are not published yet.
Result: gegeshe21.com is not infected or malware details are not published yet.